Re: gettimeofday((void *)-1, NULL) implicates core dump on recent FreeBSD 11-CURRENT

From: Garrett Wollman <wollman_at_hergotha.csail.mit.edu>
Date: Tue, 7 Jul 2015 18:41:54 -0400 (EDT)
In article
<CAPQ4ffuTcN_ytcH7GPY0s6OqWK9qo6MGaVZhOB+0ojWfd=fNCg_at_mail.gmail.com>
oliver.pinter_at_hardenedbsd.org writes:

>We discovered that one of the kyua test failing from gettimeofday tests.
>The error is reproducible on recent snapshot from 11-CURRENT:
>ftp://ftp.freebsd.org/pub/FreeBSD/snapshots/amd64/amd64/ISO-IMAGES/11.0/FreeBSD-11.0-CURRENT-amd64-20150630-r284969-disc1.iso
>
>root_at_freebsd:~ # cat test-gtod.c
>#include <sys/time.h>
>#include <stdio.h>
>
>int
>main(int argc, char **argv)
>{
>
>        return (gettimeofday((void *)-1, NULL));
>}

Undefined behavior here, so the implementation is allowed to do
literally anything at all.  Certainly there's nothing wrong with it
dumping core here, and the test is erroneous if it expects otherwise.
The first argument to gettimeofday() MUST be a valid pointer to struct
timeval, and the implementation does depend on this.

Perhaps the test was (erroneously) written to assume that
gettimeofday() was a system call, and could therefore detect invalid
pointers and return [EFAULT].  This has not been the case for some
time.  (In HEAD, not since r237434, which is three years ago.)

-GAWollman
Received on Tue Jul 07 2015 - 20:41:57 UTC
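To make the distinction in the reply concrete, here is an added example (not code from the thread or from FreeBSD's tests) that probes both paths from a single program: gettimeofday() through the libc wrapper, which as the reply says has not been a system call on FreeBSD since r237434, and the same request issued as a raw trap through syscall(2), where the kernel's copyout of the result fails and the call returns -1 with errno set to EFAULT. Each probe runs in a forked child so the crash that the original test tripped over does not take down the program. It assumes a FreeBSD or Linux host with fork(2), waitpid(2) and syscall(2); on Linux targets without a gettimeofday trap (aarch64, for instance) the raw path falls back to clock_gettime(2), which exercises the same copyout check. The BAD_PTR, probe_* and describe names are this example's own.

```c
/*
 * Added example, not part of the original thread. Probes what happens when
 * gettimeofday() is handed an unmapped pointer, first through the libc
 * wrapper (which on FreeBSD fills in *tp from userspace, so a bad pointer
 * faults) and then through a raw syscall(2) trap, where the kernel's copyout
 * fails and the call returns -1 with errno == EFAULT.
 * Assumes a FreeBSD or Linux host with fork(2), waitpid(2) and syscall(2).
 */
#define _GNU_SOURCE
#include <sys/types.h>
#include <sys/syscall.h>
#include <sys/time.h>
#include <sys/wait.h>
#include <errno.h>
#include <stdio.h>
#include <time.h>
#include <unistd.h>

enum probe_result {
    PROBE_OK,       /* call returned 0: the pointer was accepted */
    PROBE_EFAULT,   /* call returned -1 with errno EFAULT */
    PROBE_OTHER,    /* call returned -1 with some other errno */
    PROBE_SIGNAL,   /* caller was killed by a signal (SIGSEGV/SIGBUS), i.e. would dump core */
    PROBE_ERROR     /* fork/waitpid failed; says nothing about the call */
};

/* The invalid pointer from the original test; nothing is mapped there. */
#define BAD_PTR ((void *)-1)

static int via_libc(void)
{
    return gettimeofday((struct timeval *)BAD_PTR, NULL);
}

static int via_syscall(void)
{
#ifdef SYS_gettimeofday
    return (int)syscall(SYS_gettimeofday, BAD_PTR, NULL);
#else
    /* Some Linux targets (e.g. aarch64) have no gettimeofday trap at all;
     * clock_gettime(2) goes through the same copyout path. */
    return (int)syscall(SYS_clock_gettime, CLOCK_REALTIME, BAD_PTR);
#endif
}

/*
 * Run fn() in a forked child so a crash does not take down the caller,
 * then classify the outcome from the child's wait status.
 */
static enum probe_result probe(int (*fn)(void))
{
    pid_t pid = fork();
    int status;

    if (pid < 0)
        return PROBE_ERROR;
    if (pid == 0) {
        int rc = fn();
        if (rc == 0)
            _exit(PROBE_OK);
        _exit(errno == EFAULT ? PROBE_EFAULT : PROBE_OTHER);
    }
    if (waitpid(pid, &status, 0) < 0)
        return PROBE_ERROR;
    if (WIFSIGNALED(status))
        return PROBE_SIGNAL;
    if (WIFEXITED(status))
        return (enum probe_result)WEXITSTATUS(status);
    return PROBE_ERROR;
}

enum probe_result probe_libc_gettimeofday(void)
{
    return probe(via_libc);
}

enum probe_result probe_raw_gettimeofday(void)
{
    return probe(via_syscall);
}

static const char *describe(enum probe_result r)
{
    switch (r) {
    case PROBE_OK:     return "returned 0 (pointer accepted)";
    case PROBE_EFAULT: return "returned -1, errno EFAULT";
    case PROBE_OTHER:  return "returned -1, other errno";
    case PROBE_SIGNAL: return "killed by a signal (would dump core)";
    default:           return "probe failed";
    }
}

int main(void)
{
    printf("libc gettimeofday((void *)-1, NULL): %s\n",
           describe(probe_libc_gettimeofday()));
    printf("raw trap with the same pointer:      %s\n",
           describe(probe_raw_gettimeofday()));
    return 0;
}
```

The raw trap is the only path on which [EFAULT] is a contract: the kernel must validate the destination before it writes. A libc routine that computes the time from the kernel's shared timekeeping data and stores straight into *tp has no such check, so a test that wants to exercise the EFAULT case has to call the trap directly, and a test of the library function must only ever pass it a valid struct timeval.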
